A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the LDAP server.
https://www.tenable.com/cyber-exposure/a-look-inside-the-ransomware-ecosystem
https://www.tenable.com/cyber-exposure/2021-threat-landscape-retrospective
https://www.tenable.com/blog/hold-the-door-why-organizations-need-to-prioritize-patching-ssl-vpns
https://www.cisa.gov/news-events/cybersecurity-advisories/aa21-209a